MX Police Blog


The Current Climate of Web-Based Malware Threats

by Christopher on November 27, 2011

The internet is becoming more hazardous to daily users, even those who take care to avoid the sort of websites typically associated with malware infections. In fact, malware infections are now considerably more likely to occur by visiting a compromised legitimate website than by opening a web page created to deliver malware, according to the MessageLabs Intelligence 2010 Annual Security Report. Last year, MessageLabs found 42,926 domains spreading malicious software, most of which were legitimate sites.

Commtouch’s Q4 2010 Internet Threats Trend Report outlines the types of sites most often compromised with malware. Pornographic sites are the perennial leader in this respect, followed by parked domains, computers and technology sites, business sites, and then education sites. The report also identifies the sites that have recently been compromised most often with phishing ploys. The leading category in this respect is gaming sites, with shopping sites, health and medicine sites, computer and technology sites, and business sites rounding out the top five.

Malware spread among peer-to-peer (P2P) websites that facilitate content and file sharing is a leading threat heading into 2011. In the second half of 2010, 3.2 million malware attacks were launched each month from P2P platforms, notes the Outcomes for 2010 and Predictions for 2011 report issued by Kaspersky Lab. The types of web-based threats spreading via P2P networks are practically all-encompassing; file viruses, a variety of worms, SMS fraud programs, backdoors, and Rogue AV software are all being seen in this context.

We’re also currently seeing a spike in ploys to get internet users to unwittingly download malicious software of their own volition. This has prompted cyber-criminals to further employ blackhat SEO techniques, disruptive ads, and unwanted re-directs to bring traffic to sites of infection.

The Koobface malware, whose name is a play on “Facebook,” is a notable current example of a threat that tricks users into downloading the infection themselves. Commonly, victims received a Facebook message from a friend alerting them to a video posted on Blogger in which they supposedly appeared. Anxious to see themselves, users would follow the link to Blogger, unaware that the message was inauthentic and had originated from a friend’s hacked Facebook account. To see the video, the victim was prompted to download a supposedly necessary plug-in, which contained the Koobface malware.

One particularly alarming new threat, especially to industrial companies, is malware like the recent Stuxnet worm. Malware of this kind has been targeting programmable logic controllers (PLCs), the computers that operate the automated functions of electromechanical processes. The Stuxnet worm is the most significant web-based attempt at industrial sabotage we’ve seen, and the implications are dire, extending to very real threats to worker safety.

Also disturbing is the breakdown in 2010 of the guarantees associated with digital signatures and digital certificates, notes the Kaspersky Lab report. The former attest to the legitimacy of a message and its sender, while the latter establish the credentials of parties involved in web-based transactions. Currently, cyber-criminals are demonstrating the ability to create or obtain (legally or illegally) these online assets. The uses are varied and dangerous, compromising online transactions and facilitating fraud, as well as providing ways to fool and bypass the security measures in place on web-based applications.

The Kaspersky Lab report also identifies a key threat to watch for now, which it dubs Spyware 2.0. More sophisticated malware is already being employed with the one goal of illegally obtaining any and every piece of information possible, and this threat promises to increase in the foreseeable future. This new class of spyware indiscriminately steals all private information it gains access to, be it user names and passwords, financial data, contact lists, proprietary secrets, or anything else. Of course, the uses for this information vary, but all of it can be used for a cyber-criminal’s financial gain. The consequences of such malware infections can be ruinous for an individual or a company, with the latter possibly being exposed to major public relations nightmares and legal action.

The current climate of web-based threats is certainly not a pleasant one. And from the looks of things, it will continue to get worse before it gets better. One disturbingly clear fact is that we can no longer rely solely on our common sense to avoid malware and other online threats, as they are now lurking on legitimate sites across the web. This underscores the need for up-to-date information and for advanced, state-of-the-art malware protection.
